package org.dydl.common.security.impl;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dydl.common.config.CustomUserService;
import org.dydl.common.security.UserAuthentication;
import org.dydl.common.security.UserContext;
import org.dydl.common.util.LoginUtil;
import org.dydl.model.system.SysUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

public class AuthenticationSuccessHandlerImpl extends SimpleUrlAuthenticationSuccessHandler {

	protected final Log logger = LogFactory.getLog(getClass());

	private static final String HEADER_SECURITY_TOKEN = "X-AuthToken";
	private static final String HEADER_CHECK_PASSWORD = "CK-pwd";

//	@Value("${auth.success.url}")
	private String defaultTargetUrl = "/auth/success";

	@Autowired
	private AuthTokenGeneratorService authTokenGeneratorService;

	// @Autowired
	// private UserDetailsService userDetailsService;

	// @Autowired
	// private ISysUserService userService;

	@SuppressWarnings("unused")
	@Override
	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
			Authentication authentication) throws IOException, ServletException {

		// Lookup the complete User object from the database and create an
		// Authentication for it
		// final UserContext authenticatedUser = (UserContext)
		// userDetailsService.loadUserByUsername(authentication.getName());
		// Search search = new Search();
		// search.addFilterEqual("userName", authentication.getName());
		SysUser user = CustomUserService.sysUserList.get(authentication.getName());
		// @SuppressWarnings("unchecked")
		// SysUser user = ((List<SysUser>) userService.search(search).getData()).get(0);
		final UserContext authenticatedUser = new UserContext(user);

		final UserAuthentication userAuthentication = new UserAuthentication(authenticatedUser);

		// if (LoginUtil.checkPassword(user.getPassword()) < 1) {
		// super.setDefaultTargetUrl("/modifypwd");
		// super.onAuthenticationSuccess(request, response, userAuthentication);
		// return;

		// }

		response.addIntHeader(HEADER_CHECK_PASSWORD, LoginUtil.checkPassword(request.getParameter("password")));

		logger.info("验证服务:" + authTokenGeneratorService);

		final String authToken = authTokenGeneratorService.generateToken(authentication);

		response.addHeader(HEADER_SECURITY_TOKEN, authToken);
		request.getRequestDispatcher(defaultTargetUrl).forward(request, response);
		HttpSession httpSession = request.getSession();
		httpSession.setAttribute("userName", authentication.getName());
		// super.onAuthenticationSuccess(request, response, userAuthentication);

	}

}
